PT-2025-36277 · Linux+8 · Linux Kernel+8

Published

2025-01-01

·

Updated

2026-05-22

·

CVE-2025-39682

CVSS v3.1

7.1

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The Linux kernel contains an issue in the TLS implementation related to handling zero-length records on the rx list. Each recvmsg() call is designed to process either contiguous DATA records or a single non-DATA record. The code failed to correctly handle scenarios where a zero-length record was encountered after a zero-copy decryption, as the associated skb (socket buffer) was not available for queuing to the rx list. This could lead to unexpected behavior when processing subsequent records.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Allocation of Resources Without Limits

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-770CWE-120

Related Identifiers

ALSA-2025:16880
ALSA-2025:16904
ALSA-2025_16880
ASB-A-440544511
AZL-67001
BDU:2025-12556
BDU:2025-12988
CVE-2025-39682
DLA-4328-1
DSA-6008-1
DSA-6009-1
ECHO-55C4-6CFD-DA78
INFSA-2025_16880
MGASA-2025-0234
MGASA-2025-0235
OESA-2026-2417
OESA-2026-2418
OPENSUSE-SU-2025:20081-1
RHSA-2025:19104
RHSA-2025:19223
RHSA-2025:19224
RHSA-2025_16880
SUSE-SU-2025:03600-1
SUSE-SU-2025:03601-1
SUSE-SU-2025:03602-1
SUSE-SU-2025:03633-1
SUSE-SU-2025:03634-1
SUSE-SU-2025:20851-1
SUSE-SU-2025:20861-1
SUSE-SU-2025:20870-1
SUSE-SU-2025:20898-1
SUSE-SU-2025:21074-1
SUSE-SU-2025:21139-1
SUSE-SU-2025:21179-1
SUSE-SU-2025:3725-1
SUSE-SU-2025:3751-1
SUSE-SU-2026:0144-1
SUSE-SU-2026:0145-1
SUSE-SU-2026:0146-1
SUSE-SU-2026:0148-1
SUSE-SU-2026:0171-1
SUSE-SU-2026:0202-1
SUSE-SU-2026:0203-1
SUSE-SU-2026:0209-1
SUSE-SU-2026:0262-1
SUSE-SU-2026:0269-1
SUSE-SU-2026:0270-1
SUSE-SU-2026:0274-1
SUSE-SU-2026:0283-1
SUSE-SU-2026:0284-1
SUSE-SU-2026:20149-1
SUSE-SU-2026:20164-1
SUSE-SU-2026:20169-1
SUSE-SU-2026:20248-1
SUSE-SU-2026:20249-1
SUSE-SU-2026:20250-1
SUSE-SU-2026:20251-1
SUSE-SU-2026:20252-1
SUSE-SU-2026:20253-1
SUSE-SU-2026:20254-1
SUSE-SU-2026:20255-1
SUSE-SU-2026:20256-1
SUSE-SU-2026:20257-1
SUSE-SU-2026:20258-1
SUSE-SU-2026:20259-1
SUSE-SU-2026:20260-1
SUSE-SU-2026:20261-1
SUSE-SU-2026:20264-1
SUSE-SU-2026:20265-1
SUSE-SU-2026:20266-1
SUSE-SU-2026:20376-1
SUSE-SU-2026:20377-1
SUSE-SU-2026:20378-1
SUSE-SU-2026:20379-1
SUSE-SU-2026:20380-1
SUSE-SU-2026:20381-1
SUSE-SU-2026:20382-1
SUSE-SU-2026:20385-1
SUSE-SU-2026:20392-1
SUSE-SU-2026:20393-1
SUSE-SU-2026:20394-1
SUSE-SU-2026:20395-1
SUSE-SU-2026:20396-1
SUSE-SU-2026:20397-1
SUSE-SU-2026:20398-1
SUSE-SU-2026:20399-1
SUSE-SU-2026:20400-1
USN-7833-1
USN-7833-2
USN-7833-3
USN-7833-4
USN-7834-1
USN-7835-1
USN-7835-2
USN-7835-3
USN-7835-4
USN-7835-5
USN-7835-6
USN-7856-1
USN-7887-1
USN-7887-2
USN-7940-1
USN-7940-2

Affected Products

Almalinux
Debian
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu